Intel Processors Hit by New Side-Channel Attack Named Indirector

TapTechNews July 4th news, security experts have newly disclosed the Indirector vulnerability that affects Intel's RaptorLake and AlderLake processors. It is a brand-new side-channel attack that can steal sensitive information in the processor.

The good news is that Intel released a fix patch after being notified in February this year, and informed other system providers, and deployed BHI and IBRS/eIBRS mitigation measures.

Security researchers Luyi Li, Hosein Yavarzadeh, and Dean Tullsen named this attack Indirector.

TapTechNews learned from the report that this vulnerability exploits the defects found in the Indirect Branch Predictor (IBP) and the Branch Target Buffer (BTB) to bypass existing defense measures and undermine the security of the CPU.

The Indirector attack targets the processor's indirect branch predictor and illegally discloses information to an attacker with local user access rights through a side channel.

The research team developed a tool named iBranchLocator, which can effectively identify and manipulate specific branches in the IBP. This tool can implement highly precise BTI attacks and may endanger security in various situations, including cross-process and cross-privilege environments.